XSS at file uploading in instantsoft/icms2
Aug 14th 2023
In menu Add page, there is a upload file function and xss payload can be injected there.
1/ Access to the web demo and go to Add page menu.
2/ At upload file function, upload an file with filename is a payload xss.
3/ It will be triggered immediately.
Proof of Concept
Payload: "><img src=x onerror=alert(origin)>
Link video PoC: https://drive.google.com/file/d/1bgbbkTGhkKEYSVuQIyw58eKYjrW6pVc_/view?usp=sharing
Impact of Reflected XSS:
1/ The attacker can hijack user accounts.
2/ An attacker could steal credentials.
3/ An attacker could exfiltrate sensitive data.
4/ An attacker can steal cookies and Sessions.